Vulnerabilities > Sonicwall > Sonicosv
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-12 | CVE-2020-5135 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Sonicwall Sonicos and Sonicosv A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a malicious request to the firewall. | 7.5 |
| 2020-10-12 | CVE-2020-5134 | Out-of-bounds Read vulnerability in Sonicwall Sonicos and Sonicosv A vulnerability in SonicOS allows an authenticated attacker to cause out-of-bound invalid file reference leads to a firewall crash. | 4.0 |
| 2020-10-12 | CVE-2020-5133 | Classic Buffer Overflow vulnerability in Sonicwall Sonicos and Sonicosv A vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service due to buffer overflow, which leads to a firewall crash. | 5.0 |
| 2019-12-31 | CVE-2019-7479 | Improper Privilege Management vulnerability in Sonicwall Sonicos and Sonicosv A vulnerability in SonicOS allow authenticated read-only admin can elevate permissions to configuration mode. | 6.5 |
| 2019-04-02 | CVE-2019-7477 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Sonicwall Sonicos and Sonicosv A vulnerability in SonicWall SonicOS and SonicOSv TLS CBC Cipher allow remote attackers to obtain sensitive plaintext data when CBC cipher suites are enabled. | 5.0 |
| 2019-04-02 | CVE-2019-7475 | Improper Access Control vulnerability in Sonicwall Sonicos and Sonicosv A vulnerability in SonicWall SonicOS and SonicOSv with management enabled system on specific configuration allow unprivileged user to access advanced routing services. | 7.5 |
| 2019-04-02 | CVE-2019-7474 | Improper Access Control vulnerability in Sonicwall Sonicos and Sonicosv A vulnerability in SonicWall SonicOS and SonicOSv, allow authenticated read-only admin to leave the firewall in an unstable state by downloading certificate with specific extension. | 4.0 |
| 2019-02-19 | CVE-2018-9867 | Incorrect Permission Assignment for Critical Resource vulnerability in Sonicwall Sonicos and Sonicosv In SonicWall SonicOS, administrators without full permissions can download imported certificates. | 2.1 |
| 2018-05-22 | CVE-2018-3639 | Information Exposure Through Discrepancy vulnerability in multiple products Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4. | 2.1 |